<?php
class RbacCommand extends CConsoleCommand
{
   
    private $_authManager;
 
    
	public function getHelp()
	{
		
		$description = "DESCRIPTION\n";
		$description .= '    '."This command generates an initial RBAC authorization hierarchy.\n";
		return parent::getHelp() . $description;
	}
 
	
	/**
	 * The default action - create the RBAC structure.
	 */
	public function actionIndex()
	{
		 
		$this->ensureAuthManagerDefined();
		
		//provide the oportunity for the use to abort the request
		$message = "This command will create three roles and permissions";
		$message .= "Would you like to continue?";
	    
	    //check the input from the user and continue if 
		//they indicated yes to the above question
	    if($this->confirm($message)) 
		{
		     //first we need to remove all operations, 
			 //roles, child relationship and assignments
			 $this->_authManager->clearAll();
 
			 $this->_authManager->createOperation("createUsuario","create Usuario");
                         $this->_authManager->createOperation("readUsuario", "read Usuario");
                         $this->_authManager->createOperation("updateUsuario", "update Usuario");
                         $this->_authManager->createOperation("deleteUsuario", "delete Usuario");
                         $this->_authManager->createOperation("createProyecto", "create Proyecto");
                         $this->_authManager->createOperation("readProyecto", "read Proyecto");
                         $this->_authManager->createOperation("updateProyecto", "update Proyecto");
                         $this->_authManager->createOperation("deleteProyecto", "delete Proyecto");
                         $this->_authManager->createOperation("createExperimento", "create Experimento");
                         $this->_authManager->createOperation("readExperimento", "read Experimento");
                         $this->_authManager->createOperation("updateExperimento", "update Experimento");
                         $this->_authManager->createOperation("deleteExperimento", "delete Experimento");
                         $this->_authManager->createOperation("createIteracion", "create Iteracion");
                         $this->_authManager->createOperation("readIteracion", "read Iteracion");
                         $this->_authManager->createOperation("updateIteracion", "update Iteracion");
                         $this->_authManager->createOperation("deleteIteracion", "delete Iteracion");
                         $this->_authManager->createOperation("createLaboratorio", "create Laboratorio");
                         $this->_authManager->createOperation("readLaboratorio", "read Laboratorio");
                         $this->_authManager->createOperation("updateLaboratorio", "update Laboratorio");
                         $this->_authManager->createOperation("deleteLaboratorio", "delete Laboratorio");
                         $this->_authManager->createOperation("createEquipo", "create Equipo");
                         $this->_authManager->createOperation("readEquipo", "read Equipo");
                         $this->_authManager->createOperation("updateEquipo", "update Equipo");
                         $this->_authManager->createOperation("deleteEquipo", "delete Equipo");
                         $this->_authManager->createOperation("createCaracteristica", "create Caracteristica");
                         $this->_authManager->createOperation("readCaracteristica", "read Caracteristica");
                         $this->_authManager->createOperation("updateCaracteristica", "update Caracteristica");
                         $this->_authManager->createOperation("deleteCaracteristica", "delete Caracteristica");
                         $this->_authManager->createOperation("createVariable", "create Variable");
                         $this->_authManager->createOperation("readVariable", "read Variable");
                         $this->_authManager->createOperation("updateVariable", "update Variable");
                         $this->_authManager->createOperation("deleteVariable", "delete Variable");
                         $this->_authManager->createOperation("createFin", "create Fin");
                         $this->_authManager->createOperation("readFin", "read Fin");
                         $this->_authManager->createOperation("updateFin", "update Fin");
                         $this->_authManager->createOperation("deleteFin", "delete Fin");
                         $this->_authManager->createOperation("createTipofin", "create Tipofin");
                         $this->_authManager->createOperation("readTipofin", "read Tipofin");
                         $this->_authManager->createOperation("updateTipofin", "update Tipofin");
                         $this->_authManager->createOperation("deleteTipofin", "delete Tipofin");
                         $this->_authManager->createOperation("especializarU", "delete Tipofin");
                         $this->_authManager->createOperation("investigadores", "delete Tipofin");
            
						 
			 $role=$this->_authManager->createRole("laboratorista"); 
			 $role->addChild("createLaboratorio");
                         $role->addChild("readLaboratorio");
                         $role->addChild("updateLaboratorio");
                         $role->addChild("deleteLaboratorio");
                         $role->addChild("createEquipo");
                         $role->addChild("readEquipo");
                         $role->addChild("updateEquipo");
                         $role->addChild("deleteEquipo");
                         $role->addChild("createCaracteristica");
                         $role->addChild("readCaracteristica");
                         $role->addChild("updateCaracteristica");
                         $role->addChild("deleteCaracteristica"); 
 
			 $role=$this->_authManager->createRole("investigador"); 
			 $role->addChild("createExperimento");
                         $role->addChild("readExperimento");
                         $role->addChild("updateExperimento");
                         $role->addChild("deleteExperimento");
                         $role->addChild("createIteracion");
                         $role->addChild("readIteracion");
                         $role->addChild("updateIteracion");
                         $role->addChild("deleteIteracion");
                         $role->addChild("createVariable");
                         $role->addChild("readVariable");
                         $role->addChild("updateVariable");
                         $role->addChild("deleteVariable");
                         $role->addChild("createFin");
                         $role->addChild("readFin");
                         $role->addChild("updateFin");
                         $role->addChild("deleteFin");
                         $role->addChild("createTipofin");
                         $role->addChild("readTipofin");
                         $role->addChild("updateTipofin");
                         $role->addChild("deleteTipofin");
                         $role->addChild("readlaboratorio");
                         $role->addChild("readEquipo");
                         $role->addChild("readCaracteristica");
                         
                         
                         
                         $role=$this->_authManager->createRole("investigadorPrincipal"); 
			 $role->addChild("investigador");
                         $role->addChild("createProyecto");
                         $role->addChild("readProyecto");
                         $role->addChild("updateProyecto");
                         $role->addChild("deleteProyecto");
                         $role->addChild("investigadores");
                         
                         $role=$this->_authManager->createRole("admin"); 
			 $role->addChild("investigadorPrincipal");
                         $role->addChild("laboratorista");
                         $role->addChild("createUsuario");
			 $role->addChild("readUsuario"); 
			 $role->addChild("updateUsuario"); 
                         $role->addChild("deleteUsuario");
                         $role->addChild("especializarU");
 
		 
		     //provide a message indicating success
		     echo "Authorization hierarchy successfully generated.\n";
        }
 		else
			echo "Operation cancelled.\n";
    }
 
	public function actionDelete()
	{
		$this->ensureAuthManagerDefined();
		$message = "This command will clear all RBAC definitions.\n";
		$message .= "Would you like to continue?";
	    //check the input from the user and continue if they indicated 
	    //yes to the above question
	    if($this->confirm($message)) 
	    {
			$this->_authManager->clearAll();
			echo "Authorization hierarchy removed.\n";
		}
		else
			echo "Delete operation cancelled.\n";
			
	}
	
	protected function ensureAuthManagerDefined()
	{
		//ensure that an authManager is defined as this is mandatory for creating an auth heirarchy
		if(($this->_authManager=Yii::app()->authManager)===null)
		{
		    $message = "Error: an authorization manager, named 'authManager' must be con-figured to use this command.";
			$this->usageError($message);
		}
	}
}
